MSI
WinGet
Beats winlogbeat
Elastic · 8.2.0 · x64
Before deploying, verify this file with VirusTotal ↗
Silent Commands
Install
msiexec /i winlogbeat-8.2.0-windows-x86_64.msi /quiet /norestart
Intune Detection Rule
MSI Rule
Rule type
MSI information
Product code
{2DE7C165-4793-5EE1-9DF0-372072553E2B}
Product version operator
Greater than or equal to
Product version
8.2.0
MSI Properties
Product Code
{2DE7C165-4793-5EE1-9DF0-372072553E2B}
File Identity
Filename
winlogbeat-8.2.0-windows-x86_64.msi
Signature
Status
Upload installer to verify signature
Installer Selection
WinGet Package
Package ID
Elastic.Winlogbeat
Version
8.2.0
Description
Winlogbeat, the open source tool for shipping Windows event logs to Elasticsearch to get insight into your system, application, and security information.
License
Dual licensed under the Elastic License and the Server Side Public License
↗
Installer URL
https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-8.2.0-windows-x86_64.msi
Min OS Version
10.0.0.0
Upgrade Behavior
install(Install over existing)
Release Notes
Breaking changes
• Fix mapping of parent process information provided by add_process_metadata.
• Fix routing for PowerShell events.
• Fix missing annotation of event.module.
Added
• Add support for port mapping in docker hints. 31243
• Relax timestamp syntax for RFC3164 syslog to allow leading zero on day. 16824 31254
• Improve the error message when the registry file content is invalid. 30543